40a38dae2c3321016a5eb59e08cc3e41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40a38dae2c3321016a5eb59e08cc3e41_JaffaCakes118
Size

16KB
MD5

40a38dae2c3321016a5eb59e08cc3e41
SHA1

0166cc1ac90ca6d28451a96208baafad0e7dbd3b
SHA256

35081ed3ec7bf1a53dd6cec458c72d9dad3496f1f9a9e460fcccd4cfe18d0d6b
SHA512

cb1da8b75d1bfc15f4ab1fb1bd1dd31fbf0d96e5699b93bd0d8bdc750818b1881d6e1d9beb96ef89d900e8a26d0581a02935519b73cb2a83b09d54430546f978
SSDEEP

48:OEPVeMTbDPRVjafYj8sXHRN+SAoAq2pDFFmmSSrtBPUu4ZZdroyJ:nPjJVuAosXHrdjUphFmmHau4JoyJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a38dae2c3321016a5eb59e08cc3e41_JaffaCakes118

Files

40a38dae2c3321016a5eb59e08cc3e41_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4542d6513cbdb42d3d00c29cade1c016

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteConsoleA
ExitProcess
GetProcAddress
GetModuleHandleA
lstrlenA
GetStdHandle
GetCommandLineA

wsock32

recv
inet_addr
htons
connect
closesocket
WSAStartup
send
socket
WSACleanup

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ